reagent
by fsmiamoto
Overview
Facilitates interactive, GitHub-style code reviews for AI agents directly in the browser, supporting various Git contexts and local files.
Installation
npx @fsmiamoto/reagent@latestEnvironment Variables
- REAGENT_PORT
- REAGENT_MAX_ATTEMPTS
Security Notes
CRITICAL VULNERABILITY: The `src/utils/git.ts` file uses `child_process.execSync` to run Git commands, directly interpolating user-provided inputs like `commitHash`, `base`, `head`, and `filePath` into the shell command string without sufficient sanitization. This creates a severe command injection vulnerability, allowing a malicious agent or user to execute arbitrary shell commands on the host system. For example, a crafted `commitHash` could be `'; rm -rf / ;'`. This is an extremely dangerous pattern.
Similar Servers
github-mcp-server
Connects AI tools (agents, assistants, chatbots) directly to GitHub's platform, enabling natural language interactions for repository management, issue/PR automation, code analysis, and workflow automation.
chrome-devtools-mcp
Enables AI coding agents to control and inspect a live Chrome browser for reliable automation, in-depth debugging, and performance analysis via the Model-Context-Protocol (MCP).
inspector
Inspect, debug, and interact with Model Context Protocol (MCP) servers, including OAuth authentication flows, resource management, and tool execution.
rocketship
This MCP server acts as a knowledgeable assistant for AI coding agents, providing guidance, examples, and introspection data for writing Rocketship tests, rather than directly generating test files.